<cfcomponent name="UserGateway" hint="User management" namespace="com.nowrists" extends="Gateway" output="false">
	<cffunction name="Clear" access="package" output="false" returntype="void">
		<cflock scope="Session" timeout="5">
			<cfset StructDelete(Session,"Email",false)>
			<cfset StructDelete(Session,"Fullname",false)>
		</cflock>
	</cffunction>
	<cffunction name="Login" access="remote" output="false" returntype="xml">
		<cfargument name="Email" type="string" required="true" />
		<cfargument name="Password" type="string" required="true" />
		<cfset var result="">
		<cfset var error="">
		<cfset Arguments.Password=Hash(Arguments.Password,"MD5")>
		<cfset Arguments.Email=LCase(Trim(Arguments.Email))>
		<cftry>
			<cfquery datasource="#Variables.DSN#" name="UserLookup" timeout="5" blockfactor="2" maxrows="2">
			SELECT Fullname
			FROM nws_users
			WHERE (email = <cfqueryparam cfsqltype="cf_sql_varchar" value="#Arguments.Email#">)
			  AND (password = <cfqueryparam cfsqltype="cf_sql_varchar" value="#Arguments.Password#">)
			</cfquery>
			<cfif UserLookup.RecordCount GT 1>
				<cfset error="Too many registrations">
			<cfelseif UserLookup.RecordCount EQ 1>
				<cfset result='<userinfo fullname="#HTMLEditFormat(UserLookup.Fullname)#" />'>
				<cflock scope="Session" timeout="5">
					<cfset Session.Email=Arguments.Email>
					<cfset Session.Fullname=UserLookup.Fullname>
				</cflock>
			<cfelse>
				<cfset error="No such user or bad password">
			</cfif>
			<cfcatch>
				<cfset error=CFCatch.Message>
			</cfcatch>
		</cftry>
		<cfif error NEQ "">
			<cfset result='<userinfo error="#error#" />'>
			<cfset Clear()>
		</cfif>
		<cfcontent type="text/xml" reset="true">
		<cfreturn result>
	</cffunction>
	<cffunction name="Logout" access="remote" output="false" returntype="xml">
		<cfset Clear()>
		<cfcontent type="text/xml" reset="true">
		<cfreturn "<ok />">
	</cffunction>
</cfcomponent>